package cn.tx.security.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @Package: cn.tx.security.controller
 * @Description: 类作用描述
 * @Author Mxb
 * @CreateDate 2020/10/31 15:15
 * @Version 1.0
 */
@RestController
public class HelloController {

    @RequestMapping("test/hello")
    public String hello1() {
        return "hello security";
    }

    @RequestMapping("login/success")
    public String success() {
        return "---欢迎你，登录成功，登陆成功后跳转的页面----";
    }


    //@Secured({"menu:system", "ROLE_管理员"})
    @PreAuthorize("hasAnyAuthority('menu:system')")
    @RequestMapping("test/index")
    public String index() {
        return "hello index,有admins 权限";
    }

    @PreAuthorize("hasAnyRole('ROLE_普通用户')")
    //@Secured({"ROLE_普通用户"})
    @RequestMapping("test/manager")
    public String index2() {
        return "hello index2,有管理员权限";
    }


    /**
     * 查看登录用户信息
     */
    @GetMapping("/get-auth")
    public Authentication getAuth() {
        return SecurityContextHolder.getContext().getAuthentication();
    }
}
